Configuring a Blacklisted Entry (NSM Procedure)
To configure a blacklisted entry:
- In the NSM navigation tree, click Device Manager > Devices.
- Select an ISG1000, ISG2000, NetScreen–5200, or NetScreen–5400 device.
- Click the Edit icon to edit the device. The Device dialog box for the selected device appears.
- In the device navigation tree, click Advanced > CPU > Blacklist/Throttling Threshold. Click the Add icon. The New Blacklist Entry dialog box appears.
- Modify the settings as described in Table 1. Click OK.
Table 1: Blacklist Configuration Fields
Field
Description
ID
The ID of the blacklist is generated automatically.
Source IP
The source IP address from which the DoS attack traffic originated.
Destination IP
The destination IP address.
Source Port
The source port in a TCP or UDP session. Set this to 0 to match all ports.
Destination Port
The destination port in a TCP or UDP session. Set this to 0 to match all ports.
Protocol
The source port and destination port are valid only when you have set the protocol as UDP or TCP. Set this value to 0 to match any protocol.
Source IP Net Mask
The range is 0-32. Set this field to 0 to match all source IP addresses.
Destination IP Mask
The range is 0-32. Set this field to 0 to match all destination IP addresses.
Note: A blacklist with 0 timeout will not expire.
